Enabling Secure Boot on Linux with the Windows Technical Preview

When we released Windows Server 2012 R2 / Windows 8.1 and introduced the world to Generation 2 virtual machines – we were only able to run Windows guest operating systems. In the following months we worked with a bunch of folks in the Linux community and were able to get a number of Linux distributions running on Generation 2 virtual machines.

With the Windows technical preview released we have worked to make this even better. For the first time you can enable Secure Boot on a virtual machine running Linux. To do this you will need to:

Create a Generation 2 virtual machine

Change the Secure Boot certificate of the virtual machine using the following PowerShell command:Set-VMFirmware “VM Name” -SecureBootTemplate MicrosoftUEFICertificateAuthority

Install a version of Linux that supports SecureBoot using this template (presently Ubuntu or SuSE – latest versions)

Once you have done this – you can verify that Secure Boot is present and functionaly in the system by running: